You have just unpacked and powered on a new SOHO router for a small business. Before connecting any client devices, you want to eliminate the risk that an attacker could sign in with the factory-supplied credentials, which are easily found online. Which of the following steps should you take FIRST to mitigate this specific threat?
Disable SSID broadcast
Set a firewall rule
Enable WPA2 encryption
Set a strong password for the router's admin interface
The best way to remove the threat of publicly known default credentials is to change the router's administrator password to a strong, unique value. CISA warns that default router login information "may be publicly available for anyone to find," so creating a long, random password prevents attackers from leveraging those defaults. Enabling WPA2 encryption improves the confidentiality of Wi-Fi traffic but does not secure the management interface if an attacker gains local access. Setting a firewall rule or disabling SSID broadcast likewise fails to address the vulnerability posed by unchanged admin credentials.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are factory-supplied credentials?
Open an interactive chat with Bash
Why is setting a strong password important for routers?
Open an interactive chat with Bash
What does WPA2 encryption do, and why doesn't it secure the admin interface?